Example #1
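 /**
  * Report whether this user belongs to the given group.
  *
  * Builds one SELECT that joins the prefixed users and groups tables, filtered
  * on this object's user_id and the requested group id, and passes it to
  * returns_result().
  *
  * @param mixed $id Group id to test; escaped once and placed inside a quoted
  *                  SQL literal.
  * @return bool True when returns_result() reports a truthy result for the query.
  */
 public function isGroupMember($id)
 {
     global $db, $db_table_prefix;

     // NOTE(review): the prefix is concatenated into the statement unescaped,
     // so it must only ever come from trusted configuration.
     $users = $db_table_prefix . "users";
     $groups = $db_table_prefix . "groups";

     // Escape each value exactly once. A second pass would escape the
     // backslashes added by the first, so an id containing a quote or a
     // backslash would be compared against a different literal than intended.
     // The escaping is only effective because the values stay inside the
     // single quotes below.
     $userId = $db->sql_escape($this->user_id);
     $groupId = $db->sql_escape($id);

     $sql = "SELECT {$users}.group_id, \n\t\t\t\t"
         . "{$groups}.* FROM {$users} \n\t\t\t\t"
         . "INNER JOIN {$groups} ON {$users}.group_id = {$groups}.group_id\n\t\t\t\t"
         . "WHERE user_id  = '{$userId}'\n\t\t\t\t"
         . "AND\n\t\t\t\t"
         . "{$users}.group_id = '{$groupId}'\n\t\t\t\t"
         . "LIMIT 1\n\t\t\t\t";

     return (bool) returns_result($sql);
 }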
Example #2
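 /**
  * Report whether this user belongs to the given group.
  *
  * Table names are read from the $db object (its users and groups
  * properties); the user id and group id are escaped and embedded as quoted
  * literals before the statement is passed to returns_result().
  *
  * @param mixed $id Group id to test.
  * @return bool True when returns_result() reports a truthy result for the query.
  */
 public function isGroupMember($id)
 {
     global $db;

     $users = $db->users;
     $groups = $db->groups;

     // One escaping pass per value: escaping $id twice would also escape the
     // backslashes produced by the first pass and change the value that the
     // database compares against. Keep the values inside the single quotes,
     // since sql_escape() alone does not make an unquoted value safe.
     $userId = $db->sql_escape($this->user_id);
     $groupId = $db->sql_escape($id);

     $sql = "SELECT {$users}.group_id,{$groups}.* FROM {$users} "
         . "INNER JOIN {$groups} ON {$users}.group_id = {$groups}.group_id "
         . "WHERE user_id  = '{$userId}' "
         . "AND {$users}.group_id = '{$groupId}' LIMIT 1";

     return (bool) returns_result($sql);
 }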
 /**
  * Report whether this user belongs to the given group.
  *
  * Both ids are cast to int before they are placed in the statement, so only
  * an integer can reach the SQL text.
  *
  * @param mixed $id Group id to test.
  * @return bool True when returns_result() reports a truthy result for the query.
  */
 public function isGroupMember($id)
 {
     global $db, $db_table_prefix;

     $usersTable = $db_table_prefix . "Users";
     $groupsTable = $db_table_prefix . "Groups";

     $userId = (int) $this->user_id;
     // NOTE(review): the int cast is what constrains this value; the
     // sql_escape() call in front of it looks redundant and is kept only to
     // preserve the existing behaviour.
     $groupId = (int) $db->sql_escape($id);

     $sql = "SELECT {$usersTable}.Group_ID, {$groupsTable}.* FROM {$usersTable} "
         . "INNER JOIN {$groupsTable} ON {$usersTable}.Group_ID = {$groupsTable}.Group_ID "
         . "WHERE User_ID  = '{$userId}' "
         . "AND {$usersTable}.Group_ID = '{$groupId}'";

     return (bool) returns_result($sql);
 }
Example #4
/*
		UserPie Version: 1.0
		http://userpie.com
*/
//  Primitive installer
// Creates the groups, users and sessions tables on first run. None of the
// configuration names used below ($dbtype, $sql_db, $db_host, $db_user,
// $db_pass, $db_name, $db_port, $db_table_prefix) are defined in this script;
// presumably settings.php provides them -- confirm.
require_once "../models/settings.php";
//Dbal Support - Thanks phpBB ; )
// The driver file path is assembled from $dbtype. That is only safe while
// $dbtype comes from trusted configuration and never from request data.
require_once "../models/db/" . $dbtype . ".php";
require_once "../models/funcs.user.php";
//Construct a db instance
// The class name is taken from the $sql_db variable; the same trust
// requirement applies as for $dbtype above.
$db = new $sql_db();
// An array return from sql_connect() is treated as a connection failure.
if (is_array($db->sql_connect($db_host, $db_user, $db_pass, $db_name, $db_port, false, false))) {
    echo "<strong>Unable to connect to the database, check your settings.</strong>";
    echo "<p><a href=\"?install=true\">Try again</a></p>";
} else {
    // "Already installed" is inferred from the groups table returning a row.
    // This check is the only re-run guard visible here; the script merely asks
    // the operator to remove or rename the install directory afterwards.
    if (returns_result("SELECT * FROM " . $db_table_prefix . "groups LIMIT 1") > 0) {
        echo "<strong>UserPie has already been installed.<br /> Please remove / rename the install directory.</strong> <p>Continue...</p>";
    } else {
        // NOTE(review): schema creation is triggered by the mere presence of
        // a GET parameter; no authentication or request token is checked in
        // the visible part of this script.
        if (isset($_GET["install"])) {
            $db_issue = false;
            // The statements below interpolate only $db_table_prefix; no
            // request data reaches the SQL text.
            $groups_sql = "\n\t\t\t\t\tCREATE TABLE IF NOT EXISTS `" . $db_table_prefix . "groups` (\n\t\t\t\t\t`group_id` int(11) NOT NULL auto_increment,\n\t\t\t\t\t`group_name` varchar(225) NOT NULL,\n\t\t\t\t\t PRIMARY KEY  (`group_id`)\n\t\t\t\t\t) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;\n\t\t\t\t";
            // Seeds group 1, 'Standard User'.
            $group_entry = "\n\t\t\t\t\tINSERT INTO `" . $db_table_prefix . "groups` (`group_id`, `group_name`) VALUES\n\t\t\t\t\t(1, 'Standard User');\n\t\t\t\t";
            // users.group_id and users.user_id are integer columns.
            $users_sql = "\n\t\t\t\t\t CREATE TABLE IF NOT EXISTS `" . $db_table_prefix . "users` (\n\t\t\t\t\t`user_id` int(11) NOT NULL auto_increment,\n\t\t\t\t\t`username` varchar(150) NOT NULL,\n\t\t\t\t\t`username_clean` varchar(150) NOT NULL,\n\t\t\t\t\t`password` varchar(225) NOT NULL,\n\t\t\t\t\t`email` varchar(150) NOT NULL,\n\t\t\t\t\t`activationtoken` varchar(225) NOT NULL,\n\t\t\t\t\t`last_activation_request` int(11) NOT NULL,\n\t\t\t\t\t`LostpasswordRequest` int(1) NOT NULL default '0',\n\t\t\t\t\t`active` int(1) NOT NULL,\n\t\t\t\t\t`group_id` int(11) NOT NULL,\n\t\t\t\t\t`sign_up_date` int(11) NOT NULL,\n\t\t\t\t\t `last_sign_in` int(11) NOT NULL,\n\t\t\t\t\t PRIMARY KEY  (`user_id`)\n\t\t\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;\n\t\t\t\t";
            $sessions_sql = "\n\t\t\t    \t\t CREATE TABLE IF NOT EXISTS `" . $db_table_prefix . "sessions` (\n\t\t\t\t\t`session_start` int(11) NOT NULL,\n\t\t\t\t\t`session_data` text NOT NULL,\n\t\t\t\t\t`session_id` varchar(255) NOT NULL,\n\t\t\t\t\tPRIMARY KEY (`session_id`)\n\t\t\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=latin1;\n\t\t\t\t";
            if ($db->sql_query($groups_sql)) {
                echo "<p>" . $db_table_prefix . "groups table created.....</p>";
            } else {
                echo "<p>Error constructing " . $db_table_prefix . "groups table.</p><br /><br /> DBMS said: ";
                // The raw DBMS error is written into the page, so anyone who
                // can load the installer sees it. print_r() without its
                // second argument prints the value itself and returns true,
                // so the surrounding echo also emits a stray "1".
                echo print_r($db->_sql_error());
                $db_issue = true;
            }
Example #5
/**
 * Check that the session's user still maps to an active account.
 *
 * The profile row must match both the id and the password hash carried on
 * the global $loggedInUser object and have active = 1. When no such row is
 * found the user is logged out.
 *
 * @return bool True when the account row was found, false otherwise.
 */
function isUserLoggedIn()
{
    global $loggedInUser, $db, $db_table_prefix;

    // Loose comparison on purpose: this is how the original detects that no
    // user object is present.
    if ($loggedInUser == null) {
        return false;
    }

    // Both values are escaped and kept inside quoted literals; the escaping
    // depends on those quotes staying in place.
    $escapedId = $db->sql_escape($loggedInUser->id);
    $escapedHash = $db->sql_escape($loggedInUser->hash_pw);

    $query = "SELECT id,\n\t\t\t\tpassword\n\t\t\t\t"
        . "FROM {$db_table_prefix}profiles\n\t\t\t\t"
        . "WHERE\n\t\t\t\t"
        . "id = '{$escapedId}'\n\t\t\t\t"
        . "AND \n\t\t\t\t"
        . "password = '{$escapedHash}' \n\t\t\t\t"
        . "AND\n\t\t\t\t"
        . "active = 1\n\t\t\t\t"
        . "LIMIT 1";

    // Re-check the database on every call so a removed or deactivated
    // account stops being treated as logged in.
    if (returns_result($query) > 0) {
        return true;
    }

    // No matching active row: end the session.
    $loggedInUser->userLogOut();

    return false;
}
/**
 * Check that the session's user still maps to an active account.
 *
 * Looks for a Users row whose User_ID and Password match the values carried
 * on the global $loggedInUser object and whose Active flag is 1. When none
 * is found the user is logged out.
 *
 * @return bool True when the account row was found, false otherwise.
 */
function isUserLoggedIn()
{
    global $loggedInUser, $db, $db_table_prefix;

    if ($loggedInUser == null) {
        return false;
    }

    // Values are escaped and embedded as quoted literals; the escaping only
    // holds while they stay inside the quotes.
    $escapedId = $db->sql_escape($loggedInUser->user_id);
    $escapedHash = $db->sql_escape($loggedInUser->hash_pw);

    $query = "SELECT User_ID,\n\t\t\t\tPassword\n\t\t\t\t"
        . "FROM {$db_table_prefix}Users\n\t\t\t\t"
        . "WHERE\n\t\t\t\t"
        . "User_ID = '{$escapedId}'\n\t\t\t\t"
        . "AND \n\t\t\t\t"
        . "Password = '{$escapedHash}' \n\t\t\t\t"
        . "AND\n\t\t\t\t"
        . "Active = 1\n\t\t\t\t"
        . "LIMIT 1";

    // TODO (carried over from the original): this per-call lookup could
    // probably be made cheaper.
    // The database is consulted on each call so a removed or deactivated
    // account stops being treated as logged in.
    if (returns_result($query) > 0) {
        return true;
    }

    // No matching active row: end the session.
    $loggedInUser->userLogOut();

    return false;
}
/**
 * Check that the session's user still maps to an active account.
 *
 * The user id is cast to int and the password hash is escaped before both
 * are placed in a single SELECT against the prefixed Users table. When no
 * active row matches, the user is logged out.
 *
 * @return bool True when the account row was found, false otherwise.
 */
function isUserLoggedIn()
{
    global $loggedInUser, $db, $db_table_prefix;

    if ($loggedInUser == null) {
        return false;
    }

    // The int cast is what constrains the id; the hash stays a string and
    // relies on sql_escape() plus the surrounding quotes.
    $userId = (int) $db->sql_escape($loggedInUser->user_id);
    $escapedHash = $db->sql_escape($loggedInUser->hash_pw);

    $query = "SELECT User_ID,Password FROM {$db_table_prefix}Users "
        . "WHERE User_ID = '{$userId}' "
        . "AND Password = '{$escapedHash}' "
        . "AND Active = 1 LIMIT 1";

    // The database is consulted on each call so a removed or deactivated
    // account stops being treated as logged in.
    $stillValid = returns_result($query) > 0;
    if (!$stillValid) {
        // No matching active row: end the session.
        $loggedInUser->userLogOut();
    }

    return $stillValid;
}
Example #8
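/**
 * Check that the session's user still maps to an active account.
 *
 * Looks for a row in the table named by $db->users whose user_id and password
 * match the values carried on the global $loggedInUser object and whose
 * active flag is 1. When none is found the user is logged out.
 *
 * @return bool True when the account row was found, false otherwise.
 */
function isUserLoggedIn()
{
    global $loggedInUser, $db;

    // Single guard for "no user object". The original repeated the same null
    // test immediately afterwards; that second branch could never be taken.
    if (!isset($loggedInUser) || $loggedInUser == null) {
        return false;
    }

    // Values are escaped and embedded as quoted literals; the escaping only
    // holds while they stay inside the quotes.
    $escapedId = $db->sql_escape($loggedInUser->user_id);
    $escapedHash = $db->sql_escape($loggedInUser->hash_pw);

    $sql = "SELECT user_id,password FROM {$db->users} "
        . "WHERE user_id = '{$escapedId}' "
        . "AND  password = '{$escapedHash}' "
        . "AND active = 1 LIMIT 1";

    // The database is consulted on each call so a removed or deactivated
    // account stops being treated as logged in.
    if (returns_result($sql) > 0) {
        return true;
    }

    // No matching active row: end the session.
    $loggedInUser->userLogOut();

    return false;
}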